Overview

overview

10

Static

static

5

e38e5f1590...e6.exe

windows7-x64

10

e38e5f1590...e6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e38e5f1590d43fc212f4778fbcf0a795e8dda5b65b9cb5fea0524f9aae6ca3e6

  • Size

    110KB

  • Sample

    241120-fh6w4ssbrq

  • MD5

    2f0046f371126fde85c4e276470baaef

  • SHA1

    cd6fba8e2addd8b61e90118a57dae7144cd5eae0

  • SHA256

    e38e5f1590d43fc212f4778fbcf0a795e8dda5b65b9cb5fea0524f9aae6ca3e6

  • SHA512

    f18809a284106cc6853ded400de8caf7e6666daf7526d75a418e9b20eaa3e517cf93d095899be62a730e21ac4d1abb43768f9e50fc9a8396cc984747429d1ff4

  • SSDEEP

    1536:giLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:giyvRmDLs/ZrwWJjAqGcRJ2hg

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      e38e5f1590d43fc212f4778fbcf0a795e8dda5b65b9cb5fea0524f9aae6ca3e6

    • Size

      110KB

    • MD5

      2f0046f371126fde85c4e276470baaef

    • SHA1

      cd6fba8e2addd8b61e90118a57dae7144cd5eae0

    • SHA256

      e38e5f1590d43fc212f4778fbcf0a795e8dda5b65b9cb5fea0524f9aae6ca3e6

    • SHA512

      f18809a284106cc6853ded400de8caf7e6666daf7526d75a418e9b20eaa3e517cf93d095899be62a730e21ac4d1abb43768f9e50fc9a8396cc984747429d1ff4

    • SSDEEP

      1536:giLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:giyvRmDLs/ZrwWJjAqGcRJ2hg

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks